The Broadband Guide
SG
search advanced

Google stored some business passwords as plain text

2019-05-22 18:07 by

 

In a blog post today, Google revealed that a bug in an old G Suite tool caused some portion of G Suite users to have their passwords stored in plain text for nearly 14 years, between 2005 and 2019.

The company said that only G Suite enterprise customers were impacted, but not regular Gmail accounts. Google says that it can't find any evidence that anybody's password was improperly accessed. It's resetting any passwords that might be affected and letting G Suite administrators know about the issue.

The problem arose from a now-removed feature in G Suite enterprise accounts. Google had allowed domain administrators to manually set passwords for a company's users so new starters could quickly log into accounts on their first day. But an error when implementing the feature back in 2005 meant the admin console stored a copy of these passwords in plain text.

"To be clear, these passwords remained in our secure encrypted infrastructure," said Google vice president of engineering Suzanne Frey. "This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords."

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About